Finance and Governance Workshop: Management of a Data Breach
James Webster, Hiscox Insurance
Question: What industry makes up the highest percentage of investigations?
Answer: Source: Trustwave 2013 Global Security Report

Question: What is the average timeframe from an initial breach to detection?
Answer: 210 days. Source: Trustwave 2013 Global Security Report

Question: What are the most common methods of detection?
Answer: Source: Trustwave 2013 Global Security Report

Question: From which country do most attacks originate?
Answer: Source: Trustwave 2013 Global Security Report

Question: What percentage of breaches involve a third party responsible for system support, development or maintenance?
Answer: Source: Trustwave 2013 Global Security Report

Question: What is the average cost per compromised record after a data breach?
Answer: Source: 2013 Cost of Data Breach Study, Ponemon Institute

Question: What is the average cost per data breach incident?
Answer: $3.14 million (£2.05 million) in the UK. Source: 2013 Cost of Data Breach Study, Ponemon Institute

Question: Which industries have the highest breach costs?
Answer: Hospitality: £68 per record; Public services: £48 per record. Source: 2013 Cost of Data Breach Study, Ponemon Institute

Question: What is the most common cause of data breaches?
Answer: Source: 2013 Cost of Data Breach Study, Ponemon Institute
Diary
• Breakfast with Malcolm
• Team training
• Coffee with Alan from Barclays
• Call Jenna Murray re: licensing
• Lunch with Board
• Review outsourcing agreement and call with the lawyers
• Meeting with Arnold re: finance (do not miss!)
• Conference call with Heads of Department
• Discuss conference call with FD
• Tom's appraisal
Management of a data breach
• Importance of Incident Response Plans
• Containment and recovery
• Assessment of ongoing risk
• Notification of breach
• Evaluation and response
These are not linear activities that follow one another in an orderly sequence; in practice they overlap and have to be run in parallel.
Diary (first revision)
• Breakfast with Malcolm
• Team training – Re-arrange for Friday
• Coffee with Alan from Barclays – Jill, rearrange this please
• Call Jenna Murray re: licensing – Handover to John
• Lunch with Board
• Review outsourcing agreement and call with the lawyers – Move to tomorrow (pm)
• Meeting with Arnold re: finance (do not miss!)
• Conference call with Heads of Department
• Discuss conference call with FD
• Tom's appraisal
Management of a data breach
• Containment and recovery
• Decide who is to take the lead in investigating
• Establish who needs to be informed (internally and externally, separately from any formal notifications)
• Identify actions to recover the loss and/or limit the damage
• Consider whether it is appropriate to inform the police
Diary (second revision)
• Breakfast with Malcolm – July
• Team training – Re-arrange for Friday
• Coffee with Alan from Barclays – Jill, rearrange this please
• Call Jenna Murray re: licensing – Handover to John
• Lunch with Board – Jill, send my apologies
• Review outsourcing agreement and call with the lawyers – Move to tomorrow (pm)
• Meeting with Arnold re: finance (do not miss!) – Send apologies!!
• Conference call with Heads of Department
• Discuss conference call with FD
• Tom's appraisal – Move to Monday, tell HR
Management of a data breach
• Risk Assessment
• What sort of data is involved?
• What level of sensitivity is it?
• What is your best assessment of what has happened to the data (which unauthorised parties have access to it, and for how long they have had access)?
• What is its value to the unauthorised party? What harm could come to the affected individuals?
• How much data is involved?
• Are there wider consequences, e.g. a risk to public health?
• Should passwords be changed or banks contacted?
Diary (later)
• Anniversary today!! Jill – can you rearrange dinner for tomorrow and please send Trudy some flowers?
• Data protection training (until 12.30)
• Lunch with Arnold re: finance
• Lunch with Tom
• Meeting with Jenna Murray
• Outsourcing Agreement!
• JILL, CANCEL EVERYTHING!!!
• Pick up kids (Trudy at hairdressers)
Management of a data breach
• Notification
• ICO notification: the telecoms sector and public bodies must notify; for other sectors the regime is currently voluntary
• FCA and other regulators: sector-specific rules apply
• Individuals: "will notification help them?" is the ICO's overriding concern
Conclusion: notification is not an end in itself
Management of a data breach
• Notification Content
• "How and when" details and an overview
• Affected data and the number of individuals affected
• Breach response so far and mitigation steps taken so far
• Security measures in place
• Whether individuals have been informed
• Whether there has been media coverage
• Whether an investigation is being carried out and, if so, when it is due and in what format
• Whether other regulators or the police have been informed
• What future preventive measures you plan
• Is there any other information that would be useful?